There is a command injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
zte mc801a_firmware mc801a_elisa3_b19 |
||
zte mc801a1_firmware mc801a1_elisa1_b04 |
Vulmon